Disable CSRF in a plugin

I am adding webhooks to a sendgrid plugin and I need to disable CSRF for an action in the plugin.

I know I can do it in the application.php but is there a way to disable it from the plugin so that it is really “plug and play”. Not requiring the user of the plugin to do config.

I have tried adding the csrf plugin to the end of the queue with my middlware function in the plugin file hoping to overwrite the existing one. No.

I have tried adding it as scoped route but not sure whats happening there.

Is it possible or is the config locked down to application.php for security reasons?